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[57] ABSTRACT 

A method and system for securely indicating to a customer 
one or more credit card numbers that a merchant has on file 
for the customer when communicating with the customer 
over a non-secure network. The merchant sends a message 
to the customer that contains only a portion of each of the 
credit card numbers that are on file with the merchant The 
message may also contain a notation explaining which 
portion of each of the credit card numbers has been 
extracted. A computer (38) retrieves the credit card numbers 
on file for the customer in a database (40), constructs the 
message, and transits the message to a customer location 
(10) over the Internet network (30) or other non-secure 
network. The customer can then confirm in a return message 
that a specific one of the credit card numbers on file with the 
merchant should be used in charging a transaction. Since 
only a portion of the credit card number(s) are included in 
any message transmitted, a third party cannot discover the 
customer's complete credit card numbers). 

20 Claims, 3 Drawing Sheets 
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TO: JOHN@CUSTOMEH.COM 56 
FROM: MAILB0T@MERCHANT.COM 
SUBJECT: CREDIT CARD SELECTION; 

ORDER MESSAGE ID (MID) MID-JOHN-7452 


[ORDER SPECIFIC INFORMATION WOULD BE INCLUDED IN 
THE FIRST PARAGRAPH.) 

WE ALREADY HAVE YOUR SHIPPING ADDRESS AND CREDIT 
CARD INFORMATION ON FILE. PLEASE CONFIRM IN A REPLY 
MESSAGE THAT THE INFORMATION LISTED BELOW IS 
CORRECT BY INCLUDING THE WORDS "AS USUAL" AS THE 
FIRST TWO WORDS IN THE BODY OF THE MESSAGE OR, 
PROVIDE ANY CORRECTIONS TO THE INFORMATION. 

YOUR SHIPPING ADDRESS WILL BE: 

JOHNW. CUSTOMER 

123 ANYSTREET 
58 ANYCITY, AS 12345 

WE HAVE THE FOLLOWING CREDIT CARD NUMBERS ON FILE 
FOR YOU (ONLY THE LAST FIVE DIGITS ARE SHOWN FOR 
SECURITY REASONS). PLEASE INDICATE THE CREDIT CARD 
NUMBER THAT SHOULO BE USED TO PAY FOR THIS ORDER 
BY INCLUDING THE REFERENCE LETTER OF THAT CREDIT 
CARD, WHICH IS USED BELOW, IN YOUR REPLY MESSAGE. 

54 

REF LETTER TYPE LAST 5 DIGIT? EXP. PATE 

A. VISA 86543 10/98 

B. VISA 21883 04/97 

C. MC 15609^ 08/98 

52 


FIG. 2 
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SECURE METHOD AND SYSTEM FOR 
COMMUNICATING A LIST OF CREDIT 
CARD NUMBERS OVER A NON-SECURE 
NETWORK 

3 

RELATED APPLICATIONS 

This application is a continuation-in-part of prior copend- 
ing application Scr. No. 08/413242, filed Mar. 30, 1995, the 
benefit of the filing date of which is hereby claimed un der35 
U.S.C. § 120. 

FIELD OF THE INVENTION 

The present invention generally relates to a method and 
system for communicating confidential information over a is 
non-secure network, and more specifically, for communi- 
cating credit card data over the non-secure network. 

BACKGROUND OF THE INVENTION 

Catalog shopping represents an increasing part of the 20 
economy. The growth in its popularity can in part be 
explained because consumers have learned that goods pur- 
chased from a catalog are often much less expensive than if 
purchased through a normal retail store. In addition, because 
a customer can shop without leaving the comfort of home or 23 
office, placing an order for merchandise from a catalog 
makes much more efficient use of the customer's time. 

Shopping for goods and services using a personal com- 
puter to place an order on a network is a natural extension ^ 
to the more traditional catalog shopping, since the customer 
enjoys these same benefits. The COMPUSERVE™ network 
and other private networks have long offered members the 
opportunity to browse through on-line "Electronic Shopping 
Malls** and place orders for goods shown and described ^ 
therein. New opportunities for shopping via personal com- 
puters arise daily as more people gain access to the Internet 
network, with its interconnectivity and easy access to loca- 
tions throughout the world via the World Wide Web or 
E-mail. ^ 

A credit card facilitates making purchases via telephone 
or over the network. However, users are justifiably con- 
cerned about their credit card numbers being transmitted 
over networks such as the Internet, for example, via E-mail, 
because of the lack of secure communications. 45 

Security on public networks at the present time is virtually 
non-existent, making it relatively easy for an unauthorized 
third party to gain access to credit card data transmitted over 
the network. Once a dishonest person has another person's 
credit card number, thousands of dollars can be improperly w 
charged to that credit card account. 

Currently, most transactions occurring over networks 
such as the Internet are done in two parts. The majority of 
the order information, such as customer name and shipping 
address, is transmitted over the network. In the second step, 55 
the customer places a telephone call to the merchant to 
provide credit card information for billing purposes. 
Alternatively, the customer may fax the credit card infor- 
mation to the merchant 

Regardless of the method used by the customer to convey 60 
the credit card information to the merchant after the infor- 
mation has once been conveyed, it can remain "on file" with 
the merchant in a customer database. For subsequent 
purchases, the customer need not communicate a credit card 
number to the merchant The customer need only provide his 65 
or her name to the merchant, and so long as the shipping 
address provided by the customer matches that on file, the 


2 

merchant will use the credit card number the customer 
previously gave to the merchant to charge the order placed. 
If the shipping address is different than that on file with the 
merchant, the transaction can still be completed if the 
customer confirms his or her identity, possibly by providing 
an account ID and/or password established at the time the 
credit card number was initially conveyed. 

Leaving a credit card number on file with the merchant is 
advantageous to the customer, because it eliminates the need 
to communicate the credit card information when making 
subsequent purchases. Providing the credit card information 
each time mat a purchase is made is inconvenient to a 
customer. Furthermore, each time that the credit card infor- 
mation is conununic&ted to a merchant another opportunity 
is presented for an unauthorized third party to gain access to 
the credit card data. 

Credit cards are so convenient to use and easy to obtain 
that most people have several general purpose credit cards of 
different types. As a result a problem can arise when placing 
orders with a merchant that maintains credit card informa- 
tion from previous orders for each customer. Since a sub- 
stantial period of time may elapse between orders placed 
with a particular merchant, it is possible that the customer 
may forget which credit card number (or numbers) were left 
on file with a merchant The specific credit card number on 
file with the merchant may be important to the customer for 
any number of reasons, including the possibility that the 
credit card to which the merchant may charge the transaction 
is at its credit Limit and should therefore not be charged for 
the current purchase. 

As noted above, it is also possible that the customer may 
have more than one credit, card number on file with the 
merchant and may prefer to charge die current transaction to 
a specific credit card account If the customer is to choose 
between multiple credit card numbers on file with the 
merchant it would be advantageous if the merchant could 
present to the customer, at the time the order is placed, a list 
of the credit card numbers the merchant has on file for that 
customer. 

The merchant could send the list of credit card numbers 
on file to the customer over the Internet or other non-secure 
network, by straightforward means, such as by displaying to 
the customer a World Wide Web page containing the credit 
card numbers or by sending an E-mail message containing 
the credit card numbers to the customer. However, sending 
the credit card numbers in this manner would jeopardize the 
security of the numbers, possibly placing the customer at 
risk. 

Alternatively, the credit card numbers could be encrypted 
at the merchant's location using any of several techniques 
(including public key encryption) before being transmitted 
to the customer location, where they would be unencrypted 
and then viewed by the customer. However, applying 
encryption techniques when transmitting a list of credit card 
numbers requires that the customer have access to the proper 
decryption software. The widespread dissemination of such 
software will likely not occur for some time. 

A new method for a merchant to convey a list of credit 
card numbers on file for a customer to the customer over a 
non-secure network is needed that does not jeopardize the 
security of the customer's credit card information. The 
present invention provides a solution to this problem that is 
relatively efficient and foolproof. 

SUMMARY OF THE INVENTION 
In accordance with the present invention, a method is 
defined for enabling a merchant to indicate to a customer, by 
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a communication over a non-secure network, the customer's method. The message indicates a credit card number (or 
credit card number that will be charged for a transaction; the numbers) of the customer that is maintained by the merchant 
indication occurs wimewt risk that a third party will discover in a database. The system includes a computer for use in 
the customer's credit card number. The credit card number constructing and transmitting the messages, and the corn- 
is maintained in a database by the merchant As used 3 puter has a central processor that executes instructions. A 
throughout mis specification and in the claims that follow, memory in the computer stores the instructions to be 
the term "credit card" is intended to encompass debit cards executed, and non-volatile storage stores the database and 
and any other form of credit or debit used to make a purchase the messages. The instructions stored in the memory of the 
by providing a reference Dumber mat uniquely identifies a computer cause the central processor to perform functions 
purchaser's account from which funds to pay a seller for to that are generally consistent with the steps of (he method 
goods or services will be transferred. The method includes described above. 

the sten of retrieving the credit card number of the customer ^ 

LTSSpLion of *e credit card number «ha« BRIEF DESCRIPTION OF THE DRAWING 

is substantially smaller than the complete credit card number MUUKta 

is then extracted from the credit card number retrieved 15 ^ f^g^g aspects and many of the attendant advan- 

Next a message containing the portion of the credit card ^ ^ mvent i 0I j ^ become more readily appreciated 

number is constructed and the message is transmitted to the ^ me game better understood by reference to the 

customer over the non-secure network. following detailed description, when taken in conjunction 

The message also preferably includes a notation indicat- w ith the accompanying drawings, wherein: 

ing the portion of the credit card number that has been 20 ^ 1 is a block diagram illustrating the components 

included in the message. Also, in the preferred embodiment, involved in the communication between a merchant location 

(he portion comprises the last N digits of the credit card and a customer location, over a non-secure network, in 

number, where N is an integer. In the preferred embodiment, accoro ^ mc present invention; 

the message may comprise either an E-mail message ^ 2 m$tiatcs m exen)pky E-mail message transmit- 

addressed to the customer or a World Wide Web page. ted from a merchant to a customer that includes portions of 

In addition, the method also deals with the condition CTcdit ^ num bers indicating the credit card information 

where the merchant maintains a plurality of credit card ^ me mercliant ^ maintaining for the customer; 

numbers of the customer in the database. In this case, each FIG. 3 is a flow chart showing the steps for conveying to 

of the plurality of the credit card □umbers^ ^ customer ^ ^ .^cation ^ mc ^wx's credit card 

that are in the database are retrieved and portions of each of umberg ^ m on me by ^ e merchant, in accord with the 

the plurality of credit card numbers of the customer are invention* and 

extracted The message is constructed so that it contains the present invenuon, ano 

^rt^Tof each of the plurality of the credit card numbers FIG. 4 is a flow chart illustrating the steps implemented 

portions or each ot toe piuramy or me crcuu «u when extracting a portion of each of the credit card numbers 

of the customer. 35 ^ud j m a message transmitted to the customer by the 

If the portions of the plurality of the credit card numbers J^iant 

of the customer do not all differ from each other, the size of m 

the portion of each of said plurality of the credit card DESCRIPTION OF THE PREFERRED 

numbers extracted is successively increased (up to some EMBODIMENT 
predefined limit) to form a larger portion, until the larger ^ 

portions of the credit card numbers all differ from each other. With reference to FIG. 1, the principal components used 
Then, the message is constructed to Include the larger to implement the present invention are illustrated in a block 
portions of the plurality of the credit card numbers. In diagram. At the top of the Figure, a dash line defines a 
addition, the method preferably further comprises the step of customer location 10, which in many cases will be the 
indicating in the message to the customer a credit card 45 customers home or place of business. At customer location 
expiration date associated with each of the portions of the 10, a personal computer 12 is employed to receive and 
credit card numbers listed. The portions of two credit card transmit E-mail or to receive and transmit data over the 
numbers then differ from each other if the credit card world Wide Web or to receive and transmit messages by 
expiration dates associated with the portions of the two some other means. Personal computer 12 is generally con- 
credit card numbers are different, even though the portions ^ ventional in design, conmrising a processor chassis 14 
of the two credit card numbers are numerically equal within which are disposed a central processing unit (CPU) 
Similarly, the message can indicate a credit card expiration and supporting integrated circuitry. Coupled to processor 
date associated with each of the portions of the credit card chassis 14 is a keyboard 16 and a monitor 18. Personal 
numbers listed. Then, the portions of two credit card num- computer 12 is controlled by the customer using keyboard 
bers will be found to differ from each other if the credit card 5J 16 and a mouse 20 (optional) or other pointing device that 
expiration dates associated with the portions of the two controls a cursor mat is moved about on the screen of the 
credit card numbers are different, even though the portions monitor to make selections in programs executing on the 
of the two credit card numbers are numerically equal personal computer. In the front panel of the processor 

When the database includes multiple credit cards for the chassis are mounted a floppy drive 22 and a hard drive 24. 

customer, the customer is requested to indicate a specific one 50 Although a desktop type of personal computer is aius- 

of the plurality of the credit card numbers of the customer tratedin FIG. 1, it will be understood that a laptop or other, 

that should be used in a transaction with the merchant This type of portable computer, a M dumb n terminal, or a personal 

response can be provided to the merchant in a return digital assistant can also be used in connection with the 

message from the customer to the merchant present invention, for receiving and transmitting messages 

Another aspect of the present invention is directed to a 63 over a non-secure network. In addition, a workstation on a 

system for constructing and Emitting a message from a local area network at the customer location can be used 

merchant to a customer using a non-secure transmission instead of personal computer 12 for receiving and transmit- 
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ting messages over the non-secure network. Accordingly, it with one of the customers who has previously transacted 

should be apparent that the details of personal computer 12 business with the merchant and with other data for the 

are not particularly relevant to the present invention. Per- customers, such as names, addresses, and telephone num- 

sonal computer 12 simply serves as a convenient interface bers. 

for receiving and transmitting messages over the non-secure 3 ^ ( ^ scussc< i above in the Background of the Invention, 

network. public networks such as Internet network 30 are notoriously 

While the present invention is applicable to private net- lacking in security for transmission of sensitive and confi- 

works such as COMPUSERVE™. PRODIGY™, and dential data, such as credit card numbers. Sending a message 

AMERICA ONLINE™, in FIG. 1, personal computer 12 is containing a complete credit card number from merchant 

shown connected to an Internet network. 30. The connection 10 location 32 10 customer location 10 over Internet network 30 

between personal computer 12 and die Internet can be woul<J me of ^ credit card number, 

through a modem and telephone line via a private network Howcvcn a merchant can safely employ the present inven- 

service provider that is directly connected to the foteraet ^ to ^ a m e l0 a customcr indicating the credit 

network, through an fote^ ^ numbex(s) mat ^ mstomci has on mc whh the 

connected, or via a direct high-speed data connection. Tht 15 mc ^ ^ ^ conveyed over the Internet 

details of the type of connection to the Internet other) ^ mfirchant location 32 10 customer location 10, 

network are of no consequence in the present invention. ^ ^ ^ Kama's credit card numbers) might 

Internet network 30 is depicted in FIG. 1 as an amorphous ^ by a third party, 

shape to indicate that it ^^ e ^ n ^ nt ^ v ^ An exemplary E-mail message 50 that indicates a cus- 

involve many fcousands of nodes ^<^™*l™ y £' 20 tomCT ' s ^ card numbers on file by a merchant is shown 

ing signals by land lines, satellite and/or optical fibers^ The ^ TO ^Lage heading 56 includes an E-mail address, 

details of the Internet network are, however, not important in JJJJJ^ m J^ t who ? ^ding the message, provides 

the present invention. ^ message ID (MID) number that identifies the 

The present invention is likely to find application when a tnMactUm to ^ t0 ^ customer's credit 

customer is placing or has placed an order with an on-line ^ ^ account ^ and notes mat me mbica of me message is 

merchant for a service or merchandise via the Internet (or cflrf $clcction 

other non-secure network). The present, invention is appli- ' ^^,:a~a 

cable in those cases where the customer has previously * f*.*"** * c ^ <*Pf™*™ 'T<™ 

JLd one or more orders with the machantand has *?< ^cates «* res P° nsc re ^ " e "' 

provided the merchant with one or more credit card x AM*"** not shown in this exemplary message the raer- 

ZteTs, wLchTe merchant has maintained in a customer chant may also include language u J^^*^« 

„ ' ^ ^ ^. *i the customer to make a particular or additional purchases. 

^e ^p-tanuy the |Ler is reply to £ 

cardpreviousiy^vided ^^^^ 

acton. If more than one credit card Disappears*, fte 35 ^ a ^ S2 J is ,Vbe charged for the current 

file for the customer. it ^. fi f° */^ s ^£,?* transaction. If a customer has only a single credit card 

^stomer to uidicate the specific credit card ^numbo ^ftat on fflc ^ ^ mcrchant fcc message will ask the 

should be charged. When a merchant needs to tiammt ^ on mc 

information indicating the credit card numbers that a cus- . , 77 . "t. . _ 

Her has on file wut the merchant a message containing 40 *h°uld * c ™* trans^n. 

this information can be transmitted over the Internet network The message sent by the merchant indicates only a portion 

from a merchant location 32 to the appropriate customer of each of the credit card numbers that me customer has on 

location 10, using the present invention, without compro- file with the merchant. In this example a heading 54 notes 

mising the confiLtiaHty and security of the customer's that ONLY the last five digits of the entire twelve to sixteen 

credit card numberfs). 45 m Ac «W rfc " 1 crcdlt card numbcr m mclude , d ID i hc 

In FIG. l,San location 32is indicated by a dash line niessage in list 5Z Although in this example the last five 

surroundmg the components, including a computer 38, that digits of the comp ete credit card ^^J^f^ 

the merchant uses tc^mmunicate with customers through message, * wfll be appreciated that either fewer or more 

mL^ conveyed over the Internet. Preferably, computer five dig*s of the credit card number can instead be 

38 comprises a SUN SPARC5™ minicomputer, which 50 displayed m list 52. ^ , 

includes a CPU, RAM, ROM, and a non-volatile storage Alternatively, the message might display the first n digits 

device (a high-speed hard drive— not separately shown) for of the credit card numbers; however, this alternative is less 

use in storing a database 40. Computer 38 is coupled to a likely, because the first few digits are the same for a large 

router 36, such as a Livingston PORTMASTER™, which is number of credit cards. This detail is relatively unimportant 

connected to a digital service unit/customer service unit 55 &o long as the message displays only a relatively small 

(DSU/CSU) 34, such as an ADC KENTROX D-SERV™. subset of the entire credit card number. 

The DSU/CSU is connected to high-speed data lines that Further details of the process for indicating to the cus- 

access Internet network 30. In the memory of computer 38 tomer the credit card numbers that the customer has on file 

are stored application programs that execute on the CPU. with the merchant are illustrated in the flow chart shown in 

Among these programs, for use in the present invention, are 00 FIG. 3. beginning at a start block SO. In a block 82, computer 

an ORACLE™ database management system and custom 38 retrieves from database 40 all of the credit card numbers 

software. The programs or software comprise machine on file for a specific customer, who is at customer location 

instructions that instruct the CPU within computer 38 to 10. In a block 84, computer 38 extracts a portion of each of 

implement the steps of the present invention, generally as the credit card numbers retrieved in block 82. In a block 86, 

explained below. 65 computer 38 constructs a message (E-mail, World Wide Web 

Credit card numbers for customers are stored in database page, or other type of message) containing the portion(s) of 

40 by the merchant. Each credit card number is associated the credit card numbers) extracted in block 84. In a block 
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88. compute* 38 transmits the message prepared In block 86 
from merchant location 32 to customer location 10 over 
Internet network 30. In a block 90, the process is concluded. 

In the preferred embodiment, the step of extracting a 
portion of each credit card number, which is referenced in 
block 84, is described in detail in FIG. 4 beginning at a start 
block 100. In a Mock 102. a variable N is set equal to 5. In 
a decision block 104. the numbers represented by the last N 
digits of each credit card number are examined for unique- 
ness. (The last N digits of a credit card Dumber referred to 
as a *taiT in the following discussion.) If the tails of the 
customer's credit card numbers are all different or unique 
within the set of tails, the extraction process concludes in a 
block 110. by returning the last N digits or tall of each credit 
card number. If the tails of all of the customer's credit card 
numbers are not unique within the set the value of N is 
incremented by 1 in a block 106. Although not specifically 
indicated within the flow chart, uniqueness of a tall also 
depends upon the type of credit card and may depend upon 
other data on the credit card, such as the expiration date. 
Thus, a customer's VISA™ credit card expiring on 5/97 
would be uniquely identified relative the customer's DIS- 
COVER™ credit card expiring on 8/96. even though bom 
cards were indicated by the same last N digits or tails, 
because the two credit cards are of different type and/or have 
different expiration dates. 

In a decision block 108. the variable N is examined to 
determine if it is equal 7. If so, the extraction process again 
concludes in block 110, by returning the last N digits as the 
tails of the customer's credit card numbers. Returning to 
decision block 108, if N does not equal 7, processing loops 
back to decision block 104, where the N digits comprising 
the tails of the customer's credit card numbers are again 
examined for uniqueness within the set Regardless of the 
path taken, the logic eventually reaches block 110, from 
which point processing continues with block 86 in FIG. 3. 

Although the present invention has been described in 
connection with the preferred form of practicing it those of 
ordinary skill in the art will understand that many modifi- 
cations can be made thereto within the scope of the claims 
mat follow. Accordingly, it is not intended that the scope of 
the invention In any way be limited by the above description, 
but instead be determined entirely by reference to the claims 
that follow. 

The invention in which an exclusive fight is claimed is 
defined by the following: 

1. A method enabling a merchant to indicate to a customer 
by a communication over a non-secure network, a credit 
card number of the customer that is maintained in a database 
by the merchant, said method comprising the steps of: 

(a) retrieving the credit card Dumber of the customer from 
the database; 

(b) extracting a portion of the credit card number, said 
portion being substantially smaller than the complete 
credit card number,, 

(c) constructing a message containing the portion of the 
credit card number; and 

(d) transmitting the message to the customer over the 
non-secure network. 

2. The method of claim 1, wherein the message also eo 
includes a notation indicating the portion of the credit card 
number that has been included in the message. 

3. The method of claim 1, wherein the portion comprises 
the last N digits of the credit card number, where N is an 
integer. 65 

4. The method of claim 1, wherein the message comprises 
an E-mail message addressed to the customer. 
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5. The method of claim 1, wherein the message comprises 
a World Wide Web page. 

6. The method of claim 1, wherein the merchant maintains 
a plurality of credit card numbers of the customer in the 
database, further comprising (he steps of repeating steps (a) 
and (b) for each of the plurality of the credit card numbers 
of the customer that are in the database to obtain portions of 
each of the plurality of credit card numbers of the customer, 
and constructing the message so chat the message contains 
the portions of each of the plurality of the credit card 
numbers of the customer. 

7. Hie method of claim 6, further comprising the steps of 
determining if the portions of the plurality of the credit card 
numbers of the customer all differ from each other, and if 
not successively increasing a size of the portion of each of 
said plurality of the credit card numbers extracted to form a 
larger portion, until said larger portions all differ from each 
other, and then constructing the message to include the 
larger portions of said plurality of the credit card numbers. 

8. The method of claim 7. further comprising the step of 
indicating in the message a type of credit card for each of the 
portions of the credit card numbers listed, wherein the 
portions of two credit card numbers differ from each other 
f the portions of said two credit card numbers are from 
different types of credit cards, even though the portions of 
said two credit card numbers are numerically equal. 

9. The method of claim 7, further comprising the step of 
indicating in the message a credit card expiration date 
associated with each of the portions of the credit card 
numbers listed, wherein the portions of two credit card 
numbers differ from each other if the credit card expiration 
dates associated with the portions of said two credit card 
numbers are different even though the portions of said two 
credit card numbers are numerically equal. 

10. The method of claim 7, further comprising the step of 
requesting the customer to indicate a specific one of the 
plurality of the credit card numbers of the customer that 
should be used in a transaction with the merchant in a return 
message. 

11. A system for constructing and transmitting a message 
from a merchant to a customer using a non-secure transmis- 
sion method, said message indicating a credit card number 
of the customer that is maintained by the merchant in a 
database, comprising: 

(a) a computer for use in constructing and transmitting 
said messages, said computer having a central proces- 
sor that executes instructions, a memory for storing the 
instructions to be executed, and non-volatile storage for 
storing the database and the messages; and 

(b) said instructions stored in the memory of the computer 
causing the central processor to: 

(i) retrieve the credit card number of the customer from 
the database stored in the non-volatile storage; 

(ii) extract a portion of said credit card number, said 
portion being substantially smaller than the complete 
credit card number, 

(iii) construct a message including the portion of the 
credit card number; and 

(rv) transmit the message to the customer using the 
nonsecure transmission method. 

12. The system of claim 11, wherein the instructions cause 
the central processor to include in the message a notation 
indicating the portion of the credit card number that has been 
included in the message. 

13. The system of claim 11, wherein the instructions cause 
the central processor to extract the last N digits of the credit 
card number for use as said portion, where N is an integer. 
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14. The system of claim 11, wherein the instructions cause 
the central processor to construct the message as an E-mail 
message. 

15. The system of claim 11, wherein the instructions cause 
the central processor to construct the message as a World 
Wide Web page. 

16. The system of claim 11, wherein the merchant main- 
tains a plurality of credit card numbers for the customer Id 
the database, and wherein the instructions cause the central 
processor to: 

(a) retrieve all of said plurality of the credit card numbers 
from the database; 

(b) extract portions of the plurality of the credit card 
numbers; and 

(c) construct the message so that the message includes 
said portions of said plurality of credit card numbers. 

17. The system of claim 16, wherein the instructions 
further cause the central processor to: 

determine if the portions of the plurality of the credit card 
numbers of the customer that are extracted all differ 
from each other, and if not* 

(a) successively increase a size of said portions to form 
larger portions of said plurality of credit card num- 
bers until said larger portions all differ from each 
other; and 
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(b) construct the message so that the message includes 
the larger portions. 
18. The system of claim 17. wherein the instructions cause 
the central processor to indicate in the message a type of 
5 credit card associated with each portion of the credit card 
numbers listed; and to determine that the portions of the 
credit card numbers differ from each other if the portions of 
said two credit card numbers are for different types of credit 
cards, although the portions of said two credit card numbers 
l0 are numerically equal. 

15. The system of claim 17, wherein the instructions cause 
the central processor to indicate in the message a credit 
expiration date associated with each of the portions of the 
credit card numbers listed; and to determine that the portions 
13 of two credit card numbers differ from each other if the 
portions of said two credit card numbers are associated with 
different credit card expiration dates, although the portions 
of said two credit card numbers are numerically equal. 
20. The system of claim 11, wherein the instructions cause 
20 the central processor to construct the message to include a 
request that the customer indicate a specific one of the 
plurality of the credit card numbers of the customer that 
should be used in a transaction with the merchant, in a return 
message. 

* # * * * 
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